<?php
/*
 * Created on 19 avr. 07
 *
 * To change the template for this generated file go to
 * Window - Preferences - PHPeclipse - PHP - Code Templates
 */

uses('sanitize');

class ConfigsController extends AppController {

	var $name = 'Config';
	var $helpers = array('Html', 'Form', 'Ajax');
	var $components = array('Acl', 'Security', 'RequestHandler');
	
	/*#####################################
	 -/!\ SECURITY /!\
	 -caddy-x6tm is a beta version
	 -This controller can be use as a backdoor to create caddy administrators
	 -Don't use on a production server for now
	 -remove the code below after successfull installation 
	#####################################*/
	
	function index(){
		$this->redirect('/configs/install_acl');
	}

	function install_acl(){
		$aro = new Aro();
		
		$aro->create(0, 0, 'admins');
		$aro->create(0, 0, 'dealers');
		$aro->create(0, 0, 'users');
		
		$aco = new Aco();
		
		$aco->create(0, 0, '/configs');
		$this->Acl->allow('admins', '/configs');
		$this->Acl->allow('dealers', '/configs', 'read');
		
		$aco->create(0,0, '/bills');
		$this->Acl->allow('dealers', '/bills', '*');
		$this->Acl->deny('dealers', '/bills', 'delete');
		$this->Acl->allow('admins', '/bills', '*');
		
		$aco->create(0,0, '/categories/add');
		$this->Acl->allow('dealers', '/categories/add', '*');
		$this->Acl->allow('admins', '/categories/add', '*');
		
		$aco->create(0,0, '/customers');
		$this->Acl->allow('dealers', '/customers', '*');
		$this->Acl->deny('dealers', '/customers', 'delete');
		$this->Acl->allow('admins', '/customers', '*');
		
		$aco->create(0,0, '/products/add');
		$this->Acl->allow('dealers', '/products/add', '*');
		$this->Acl->allow('admins', '/products/add', '*');
		
		$aco->create(0,0, '/posts');
		$this->Acl->allow('dealers', '/posts');
		$this->Acl->allow('admins', '/posts');
		
		$aco->create(0, 0, '/users/knownusers');
		$this->Acl->allow('admins', '/users/knownusers', '*');
		
		$this->Session->setFlash('installation Acl terminée.');
		$this->redirect('/configs/install_admin');
		
	}
	
	function install_admin(){
		$this->set('username_error', 'Le login doit être compris entre 5 et 40 charactères.');
		
		if(empty($this->data)) {
			$this->render();
		} else {
			$san = new Sanitize();
			$this->data['User']['username'] = $san->paranoid($this->data['User']['username']);
			$this->data['User']['email'] = $san->paranoid($this->data['User']['email'], array('@', '.', '-', '+'));
			$this->data['User']['first_name'] = $san->paranoid($this->data['User']['first_name'], array('-'));
			$this->data['User']['last_name'] = $san->paranoid($this->data['User']['last_name'], array(' ', '-'));
			
			if($this->Config->validates($this->data))
			{
				if($this->data['User']['password'] != $this->data['User']['password2']){
					$this->Config->invalidate('password2');
				} else {
					$this->data['User']['password'] = md5($this->data['User']['password']);
				
					//bind
					$this->Config->bindModel(
									array('hasOne' => array(
											'User'=> array('className' => 'User')
											)
									)
								);
								
					$this->cleanUpFields();
					if($this->Config->User->save($this->data))
					{
						//add to customers
						$this->data['Customer']['user_id'] = $this->Config->User->id;
						$this->data['Customer']['username'] = $this->data['User']['username'];
						$this->data['Customer']['email'] = $this->data['User']['email'];
						if(!empty($this->data['User']['first_name'])) $this->data['Customer']['first_name'] = $this->data['User']['first_name'];
						if(!empty($this->data['User']['last_name'])) $this->data['Customer']['last_name'] = $this->data['User']['last_name'];
						$this->Config->User->Customer->save($this->data);
						
						//definition Acl
						$aro = new Aro();
						$aro->create($this->Config->User->id, 'admins', $this->data['User']['username']);
						$aco = new Aco();
						$aco->create($this->Config->User->id, null, 'customer-'.$this->Config->User->Customer->id);
						
						$this->Acl->allow($this->data['User']['username'], 'customer-'.$this->Config->User->Customer->id);
						$this->Acl->allow('dealers', 'customer-'.$this->Config->User->Customer->id);
						$this->Acl->deny('dealers', 'customer-'.$this->Config->User->Customer->id, 'delete');
						$this->Acl->allow('admins', 'customer-'.$this->Config->User->Customer->id);
				
						$this->Session->setFlash('L\'enregistrement s\'est correctement déroulé. <br />L\'installation est terminée');
						$this->redirect('/');
					} else {
						$this->Session->setFlash('Un problème est survenu lors de l\'enregistrement des informations');
					}
				}
			} else {
				$this->validateErrors($this->Config);
			}
		}
	}
	
	/*#####################################
	 -/!\ END OF SECURITY ALERT /!\
	 -remove the code above on a production server
	 -the code below is now secure
	#####################################*/
	
	function users(){
		if(!$this->Acl->check($this->Session->read('user'), '/configs', 'update')){
			$this->Session->setFlash('Action non autorisée');
			$this->redirect('/');
		}else{
		
			//bind
			$this->Config->bindModel(
				array('hasMany' => array(
						'User'=> array('className' => 'User')
							)
						)
					);
			
			//get users list
			$this->set('users', $this->Config->User->generateList(null, 'username ASC', null, '{n}.User.username', '{n}.User.username'));
			$this->Config->User->recursive = 0;
			$users = $this->Config->User->findAll();
			
			//debug($users);
			$admins = array();
			$dealers = array();
			foreach($users as $user){
				if($this->Acl->check($user['User']['username'], '/configs', 'update')){
					//this user is admin
					$admins[] = $user['User'];
				}elseif($this->Acl->check($user['User']['username'], '/configs', 'read')){
					//this user is dealer
					$dealers[] = $user['User'];
					//else he's normal user : do nothing
				}
			}
			$this->set('admins', $admins);
			$this->set('dealers', $dealers);

			if(!empty($this->data)){
				$this->cleanUpFields();
				if($this->data['Config']['user'] == ''){
					$this->Config->invalidate('user');
				}
				if($this->data['Config']['parent'] == ''){
					$this->Config->invalidate('parent');
				}
				if(!$this->Config->validates($this->data)){
					$this->Session->setFlash('Corriger les erreurs suivantes');
				}else{
					$aro = new Aro();
					if($aro->setParent($this->data['Config']['parent'], $this->data['Config']['user'])){
						$this->Session->setFlash('Les droits de l\'utilisateur ont été modifiés.');
					}else{
						$this->Session->setFlash('Une erreur s\'est produite');
					}
				}
			}
		}
		
		
	}
}
?>
